Please check my log

Posted: 12 Nov 2013 19:38
by Zdenek26
My Computer won't open. Please check the log.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by Petrákovi (administrator) on PETR-B7099E6E73 on 12-11-2013 19:32:59
Running from C:\Documents and Settings\Petrákovi\Plocha
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Documents and Settings\Petrákovi\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [RemoteControl] - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768 2004-11-02] (Cyberlink Corp.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-01-15] (Google Inc.)
MountPoints2: {4a91696e-3246-11e1-9546-001fd0633c3e} - E:\iStudio.exe
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - No Name - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
Toolbar: HKCU - No Name - {41545534-2D56-3700-76A7-7A786E7484D7} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Petrákovi\Data aplikací\Mozilla\Firefox\Profiles\sn41vgff.default
FF Homepage: hxxp://www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\arccosine.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\Petrákovi\Data aplikací\IDM\idmmzcc5
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\Petrákovi\Data aplikací\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR RestoreOnStartup: "hxxp://www.seznam.cz/"
CHR Extension: (Docs) - C:\DOCUME~1\PETRKO~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\DOCUME~1\PETRKO~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\DOCUME~1\PETRKO~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\DOCUME~1\PETRKO~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Gmail) - C:\DOCUME~1\PETRKO~1\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files\Internet Download Manager\IDMGCExt.crx
CHR HKLM\...\Chrome\Extension: [jmolcgpienlcieaajfkkdamlngancncm] - C:\Program Files\Internet Download Manager\IDMGCExt.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2013-01-25] (SUPERAntiSpyware.com)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
S3 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [99936 2006-11-10] ()
R2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2253120 2012-01-20] (NVIDIA Corporation)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-06-14] (VIA Technologies, Inc.)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43008 2006-06-18] (Advanced Micro Devices)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120632 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209208 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [145720 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [223032 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102200 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1872192 2009-05-20] (C-Media Inc)
S3 gdrv; C:\WINDOWS\gdrv.sys [15600 2008-11-29] (Windows (R) 2000 DDK provider)
S3 IDMTDI; C:\Windows\System32\DRIVERS\idmtdi.sys [120800 2013-10-02] (Tonec Inc.)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [54400 2008-03-25] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\DRIVERS\nvgts.sys [145952 2008-08-18] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2008-03-25] (NVIDIA Corporation)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [9856 2009-01-16] (Padus, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [63352 2006-07-05] (Protection Technology (StarForce))
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [82296 2007-01-12] (Protection Technology (StarForce))
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35088 2013-04-30] (The OpenVPN Project)
S3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1806448 2011-06-14] (VIA Technologies, Inc.)
S3 IntcAzAudAddService; system32\drivers\RtkHDAud.sys [x]
S4 IntelIde; No ImagePath
S3 massfilter; system32\drivers\massfilter.sys [x]
U1 WS2IFSL;
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-12 19:27 - 2013-11-12 19:27 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\Petrákovi\Plocha\FRSTLauncher.exe
2013-11-12 19:25 - 2013-11-12 19:25 - 01090275 _____ (Farbar) C:\Documents and Settings\Petrákovi\Plocha\FRST.exe
2013-11-12 19:19 - 2013-11-12 19:19 - 00000000 ____D C:\Documents and Settings\Petrákovi\Data aplikací\Dream Aquarium
2013-11-12 19:05 - 2013-11-12 19:05 - 00000000 ____D C:\Documents and Settings\Petrákovi\Data aplikací\AVG2014
2013-11-12 18:54 - 2013-11-12 18:54 - 00000000 ____D C:\Documents and Settings\Petrákovi\Data aplikací\ACD Systems
2013-11-12 18:48 - 2013-11-12 19:27 - 00000000 ____D C:\Documents and Settings\Petrákovi\Dokumenty\Stažené soubory
2013-11-12 18:48 - 2013-11-12 18:48 - 00000000 ____D C:\Documents and Settings\Petrákovi\Data aplikací\Mozilla
2013-11-12 18:46 - 2013-11-12 18:46 - 00000000 __SHD C:\Documents and Settings\Petrákovi\IECompatCache
2013-11-12 18:46 - 2013-11-12 18:46 - 00000000 ____D C:\Documents and Settings\Petrákovi\Data aplikací\Macromedia
2013-11-12 18:46 - 2013-11-12 18:46 - 00000000 ____D C:\Documents and Settings\Petrákovi\Data aplikací\Google
2013-11-12 18:33 - 2013-11-12 18:33 - 00000000 ____D C:\Documents and Settings\Petrákovi\Local Settings\Data aplikací\GHISLER
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Ghost
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\FLVService
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\FlatOut Ultimate Carnage
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Disney Interactive Studios
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Conduit
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Canon Easy-LayoutPrint
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\BS_Player
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\avgchrome
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Avg2014
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\AquaFish 2
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Anthropics
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Ahead
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Adobe
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Ad1 Ltd
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\2K Games
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Petrákovi\Dokumenty\WIFI
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Petrákovi\Dokumenty\Veselá kráva
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Petrákovi\Data aplikací\Adobe
2013-11-12 18:29 - 2013-11-12 19:02 - 00000000 ____D C:\Documents and Settings\Petrákovi\Dokumenty
2013-11-12 18:29 - 2013-11-12 18:29 - 00000000 ____D C:\Documents and Settings\Petrákovi\Dokumenty\SIPO
2013-11-12 18:19 - 2013-11-12 18:41 - 00000000 ____D C:\Documents and Settings\Zdenek
2013-11-12 18:19 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací
2013-11-12 18:19 - 2013-11-12 18:19 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Google
2013-11-12 18:14 - 2013-11-12 18:14 - 00000000 ____D C:\FRST
2013-11-12 15:36 - 2013-11-12 15:36 - 00002850 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-11 17:28 - 2013-11-11 17:28 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-11-10 14:26 - 2013-11-10 14:26 - 00000682 _____ C:\Documents and Settings\Petrákovi\Plocha\DVD Shrink.lnk
2013-11-10 14:26 - 2013-11-10 14:26 - 00000000 ____D C:\Program Files\Dream Aquarium
2013-11-10 14:26 - 2013-11-10 14:26 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Dream Aquarium
2013-11-10 14:03 - 1999-12-17 09:13 - 00086016 ____R (MindVision Software) C:\WINDOWS\unvise32.exe
2013-11-06 18:02 - 2013-11-06 18:20 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-03 20:34 - 2013-11-03 20:35 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\K-Lite Codec Pack
2013-11-03 20:34 - 2013-11-03 20:34 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2013-11-03 20:34 - 2013-09-12 19:00 - 00112640 _____ C:\WINDOWS\system32\ff_vfw.dll
2013-11-03 20:34 - 2013-08-22 18:09 - 00217176 _____ C:\WINDOWS\system32\unrar.dll
2013-11-03 20:34 - 2013-03-17 17:21 - 03649536 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw.dll
2013-11-03 20:34 - 2012-07-21 11:54 - 00122880 _____ (fccHandler) C:\WINDOWS\system32\ac3acm.acm
2013-11-03 20:34 - 2012-05-21 22:48 - 00000415 _____ C:\WINDOWS\system32\lame_acm.xml
2013-11-03 20:34 - 2011-12-07 18:32 - 00216064 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2013-11-03 20:34 - 2011-06-24 15:44 - 00243200 _____ C:\WINDOWS\system32\xvidvfw.dll
2013-11-03 20:34 - 2011-06-24 15:28 - 00650752 _____ C:\WINDOWS\system32\xvidcore.dll
2013-11-03 20:34 - 2011-06-22 15:14 - 00000714 _____ C:\WINDOWS\system32\ff_vfw.dll.manifest
2013-11-03 20:34 - 2008-09-24 19:41 - 00839680 _____ (http://www.mp3dev.org/) C:\WINDOWS\system32\lameACM.acm
2013-10-26 19:12 - 2013-10-05 19:19 - 00000747 _____ C:\Documents and Settings\Petrákovi\Nabídka Start\Programy\Mozilla Firefox.lnk
2013-10-26 13:16 - 2013-10-26 13:16 - 00000000 ____D C:\Program Files\Solitaire XP
2013-10-23 19:19 - 2013-10-23 19:19 - 00000000 ____D C:\Program Files\PSPad editor
2013-10-23 19:19 - 2013-10-23 19:19 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\PSPad editor
2013-10-16 15:56 - 2013-10-16 15:56 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
2013-10-16 15:56 - 2013-10-08 06:50 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-10-16 15:56 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-16 15:56 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-16 15:56 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-16 15:56 - 2013-10-08 06:29 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2013-10-16 15:55 - 2013-10-16 15:56 - 00004113 _____ C:\WINDOWS\system32\jupdate-1.7.0_45-b18.log

==================== One Month Modified Files and Folders =======

2013-11-12 19:32 - 2008-11-29 15:43 - 00000000 ___HD C:\Documents and Settings\Petrákovi\Local Settings\Data aplikací
2013-11-12 19:32 - 2008-11-29 15:43 - 00000000 ____D C:\Documents and Settings\Petrákovi\Plocha
2013-11-12 19:27 - 2013-11-12 19:27 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\Petrákovi\Plocha\FRSTLauncher.exe
2013-11-12 19:27 - 2013-11-12 18:48 - 00000000 ____D C:\Documents and Settings\Petrákovi\Dokumenty\Stažené soubory
2013-11-12 19:25 - 2013-11-12 19:25 - 01090275 _____ (Farbar) C:\Documents and Settings\Petrákovi\Plocha\FRST.exe
2013-11-12 19:19 - 2013-11-12 19:19 - 00000000 ____D C:\Documents and Settings\Petrákovi\Data aplikací\Dream Aquarium
2013-11-12 19:19 - 2008-11-29 15:43 - 00000000 ____D C:\Documents and Settings\Petrákovi\Data aplikací
2013-11-12 19:05 - 2013-11-12 19:05 - 00000000 ____D C:\Documents and Settings\Petrákovi\Data aplikací\AVG2014
2013-11-12 19:03 - 2011-01-15 10:26 - 00000946 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-12 19:02 - 2013-11-12 18:29 - 00000000 ____D C:\Documents and Settings\Petrákovi\Dokumenty
2013-11-12 18:55 - 2008-11-29 16:32 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-11-12 18:55 - 2008-11-29 16:32 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-11-12 18:54 - 2013-11-12 18:54 - 00000000 ____D C:\Documents and Settings\Petrákovi\Data aplikací\ACD Systems
2013-11-12 18:54 - 2011-01-15 10:26 - 00000000 ____D C:\Documents and Settings\Petrákovi\Local Settings\Data aplikací\Google
2013-11-12 18:54 - 2011-01-15 10:23 - 00000000 ____D C:\Program Files\Google
2013-11-12 18:48 - 2013-11-12 18:48 - 00000000 ____D C:\Documents and Settings\Petrákovi\Data aplikací\Mozilla
2013-11-12 18:46 - 2013-11-12 18:46 - 00000000 __SHD C:\Documents and Settings\Petrákovi\IECompatCache
2013-11-12 18:46 - 2013-11-12 18:46 - 00000000 ____D C:\Documents and Settings\Petrákovi\Data aplikací\Macromedia
2013-11-12 18:46 - 2013-11-12 18:46 - 00000000 ____D C:\Documents and Settings\Petrákovi\Data aplikací\Google
2013-11-12 18:46 - 2008-11-29 15:43 - 00000000 ____D C:\Documents and Settings\Petrákovi
2013-11-12 18:41 - 2013-11-12 18:19 - 00000000 ____D C:\Documents and Settings\Zdenek
2013-11-12 18:37 - 2008-11-29 15:43 - 00000000 ___RD C:\Documents and Settings\Petrákovi\Nabídka Start
2013-11-12 18:34 - 2008-11-29 15:43 - 00000000 ___RD C:\Documents and Settings\Petrákovi\Nabídka Start\Programy
2013-11-12 18:33 - 2013-11-12 18:33 - 00000000 ____D C:\Documents and Settings\Petrákovi\Local Settings\Data aplikací\GHISLER
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Ghost
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\FLVService
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\FlatOut Ultimate Carnage
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Disney Interactive Studios
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Conduit
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Canon Easy-LayoutPrint
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\BS_Player
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\avgchrome
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Avg2014
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\AquaFish 2
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Anthropics
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Ahead
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Adobe
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Ad1 Ltd
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\2K Games
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Petrákovi\Dokumenty\WIFI
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Petrákovi\Dokumenty\Veselá kráva
2013-11-12 18:30 - 2013-11-12 18:30 - 00000000 ____D C:\Documents and Settings\Petrákovi\Data aplikací\Adobe
2013-11-12 18:30 - 2013-11-12 18:19 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací
2013-11-12 18:30 - 2010-09-21 17:48 - 00000000 ____D C:\Documents and Settings\Petrákovi\Local Settings\Data aplikací\Adobe
2013-11-12 18:29 - 2013-11-12 18:29 - 00000000 ____D C:\Documents and Settings\Petrákovi\Dokumenty\SIPO
2013-11-12 18:27 - 2009-01-16 16:06 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Total Commander
2013-11-12 18:19 - 2013-11-12 18:19 - 00000000 ____D C:\Documents and Settings\Zdenek\Local Settings\Data aplikací\Google
2013-11-12 18:19 - 2013-09-29 19:14 - 00000000 ____D C:\Documents and Settings\Petrákovi\Local Settings\Data aplikací\Avg2014
2013-11-12 18:14 - 2013-11-12 18:14 - 00000000 ____D C:\FRST
2013-11-12 17:49 - 2013-08-26 19:14 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MFAData
2013-11-12 16:45 - 2011-01-15 10:26 - 00000942 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-12 16:40 - 2008-11-29 15:43 - 00000272 ___SH C:\Documents and Settings\Petrákovi\ntuser.ini
2013-11-12 15:38 - 2008-11-29 16:32 - 00773292 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-12 15:36 - 2013-11-12 15:36 - 00002850 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-12 15:36 - 2013-07-31 17:20 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-12 15:36 - 2008-11-29 15:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-12 15:36 - 2008-04-14 13:00 - 00012598 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-12 15:34 - 2009-09-01 10:39 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-11-11 18:38 - 2009-03-29 16:39 - 00000000 ____D C:\WINDOWS\Minidump
2013-11-11 17:28 - 2013-11-11 17:28 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-11-11 17:28 - 2008-11-29 16:31 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-11-11 16:20 - 2013-10-01 19:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\eSafe
2013-11-10 21:34 - 2008-11-29 16:30 - 00000223 __RSH C:\boot.ini
2013-11-10 18:23 - 2008-11-29 16:34 - 00000501 ____R C:\WINDOWS\wiadebug.log
2013-11-10 18:23 - 2008-11-29 15:38 - 01874447 ____R C:\WINDOWS\WindowsUpdate.log
2013-11-10 14:26 - 2013-11-10 14:26 - 00000682 _____ C:\Documents and Settings\Petrákovi\Plocha\DVD Shrink.lnk
2013-11-10 14:26 - 2013-11-10 14:26 - 00000000 ____D C:\Program Files\Dream Aquarium
2013-11-10 14:26 - 2013-11-10 14:26 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Dream Aquarium
2013-11-10 14:26 - 2009-01-16 16:01 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\DVD Shrink
2013-11-10 14:14 - 2013-09-03 18:57 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\EndNote
2013-11-10 14:10 - 2012-11-17 19:01 - 00000780 _____ C:\Documents and Settings\Petrákovi\Plocha\ACDSee6.lnk
2013-11-10 11:42 - 2008-11-29 15:43 - 00000000 ___RD C:\Documents and Settings\Petrákovi\Plocha\Hudba
2013-11-10 10:41 - 2011-05-24 19:08 - 00000000 ____D C:\Program Files\GTA-SanAndreas
2013-11-09 17:28 - 2011-05-27 13:42 - 00000000 ____D C:\Program Files\WoW
2013-11-09 15:55 - 2013-01-25 13:27 - 00000402 _____ C:\WINDOWS\system\Cmicnfg3.ini
2013-11-06 19:36 - 2013-10-05 19:19 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-06 18:20 - 2013-11-06 18:02 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-03 20:35 - 2013-11-03 20:34 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\K-Lite Codec Pack
2013-11-03 20:34 - 2013-11-03 20:34 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2013-11-03 11:41 - 2008-11-29 15:37 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy\Hry
2013-11-02 21:50 - 2011-12-04 17:36 - 00002563 _____ C:\Documents and Settings\Petrákovi\Plocha\Microsoft Word.lnk
2013-10-31 15:34 - 2009-01-16 16:06 - 00000759 ____R C:\WINDOWS\wincmd.ini
2013-10-26 19:21 - 2013-09-03 18:58 - 00000000 ____D C:\Program Files\Common Files\Risxtd
2013-10-26 13:22 - 2008-11-29 15:43 - 00000000 ___RD C:\Documents and Settings\Petrákovi\Nabídka Start\Programy\Po spuštění
2013-10-26 13:16 - 2013-10-26 13:16 - 00000000 ____D C:\Program Files\Solitaire XP
2013-10-23 19:19 - 2013-10-23 19:19 - 00000000 ____D C:\Program Files\PSPad editor
2013-10-23 19:19 - 2013-10-23 19:19 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\PSPad editor
2013-10-20 15:12 - 2011-01-15 10:21 - 00000000 ___RD C:\Program Files\Skype
2013-10-19 12:57 - 2011-02-18 20:48 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-17 18:17 - 2009-01-16 16:08 - 00000000 ____D C:\Foto
2013-10-16 15:56 - 2013-10-16 15:56 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
2013-10-16 15:56 - 2013-10-16 15:55 - 00004113 _____ C:\WINDOWS\system32\jupdate-1.7.0_45-b18.log
2013-10-16 15:56 - 2013-02-12 20:20 - 00000000 ____D C:\Program Files\Java
2013-10-13 19:00 - 2008-11-29 16:31 - 01587320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-13 17:04 - 2008-11-29 15:44 - 00077944 _____ C:\Documents and Settings\Petrákovi\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT

Some content of TEMP:
====================
C:\Documents and Settings\Petrákovi\Local Settings\Temp\9982nua.exe
C:\Documents and Settings\Petrákovi\Local Settings\Temp\BackupSetup.exe
C:\Documents and Settings\Petrákovi\Local Settings\Temp\GLB1A2B.EXE
C:\Documents and Settings\Petrákovi\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\Petrákovi\Local Settings\Temp\Planes.exe
C:\Documents and Settings\Petrákovi\Local Settings\Temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-04-14 13:00] - [2008-04-14 13:00] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2008-04-14 13:00] - [2008-04-14 13:00] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2008-04-14 13:00] - [2008-04-14 13:00] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2008-04-14 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2008-04-14 13:00] - [2008-04-14 13:00] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2008-04-14 13:00] - [2008-04-14 13:00] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 13:00] - [2008-04-14 13:00] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1





===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Místní disk) (Fixed) (Total:298.08 GB) (Free:219.36 GB) NTFS ==>[Drive with boot components (Windows XP)]

Available physical RAM: 1327.16 MB
Total physical RAM: 2047.16 MB
Percentage of memory in use: 35%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 298 GB) (Disk ID: D759D759)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Documents and Settings\Petrákovi\regbcm:SummaryInformation
AlternateDataStreams: C:\Documents and Settings\Petrákovi\regbcm:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Documents and Settings\Petrákovi\Dokumenty\SMC-training.pdf:SummaryInformation
AlternateDataStreams: C:\Documents and Settings\Petrákovi\Dokumenty\SMC-training.pdf:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Documents and Settings\Petrákovi\Dokumenty\Soly.odt:SummaryInformation
AlternateDataStreams: C:\Documents and Settings\Petrákovi\Dokumenty\Soly.odt:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Documents and Settings\Petrákovi\Dokumenty\Český jazyk - klasicismus - písemka.pdf:SummaryInformation
AlternateDataStreams: C:\Documents and Settings\Petrákovi\Dokumenty\Český jazyk - klasicismus - písemka.pdf:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Documents and Settings\Petrákovi\Dokumenty\Čeština - na fb!!!.rtf:SummaryInformation
AlternateDataStreams: C:\Documents and Settings\Petrákovi\Dokumenty\Čeština - na fb!!!.rtf:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Security Center ==================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Petrkovi\Plocha" je 928 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CmPCIaudio
C:\WINDOWS\system32\ctfmon.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup
"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler
C:\WINDOWS\inf\msxawux.vbe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msxawuxSrv
C:\WINDOWS\inf\ntvdm.vbe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter
"C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4
"C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
C:\Program Files\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer
"C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate
C:\Program Files\vShare\vShare.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vShare
Reim ECHO je vypnut.


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\FlatOut2\\FlatOut2.exe"="C:\\Program Files\\FlatOut2\\FlatOut2.exe:*:Enabled:FlatOut2"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"E:\\CS\\hl.exe"="E:\\CS\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\\Documents and Settings\\Petrkovi\\Local Settings\\Temp\\bulanci.tmp"="C:\\Documents and Settings\\Petrkovi\\Local Settings\\Temp\\bulanci.tmp:*:Enabled:bulanci"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Documents and Settings\\Petrkovi\\Plocha\\Counter-Strike 1.6\\hl.exe"="C:\\Documents and Settings\\Petrkovi\\Plocha\\Counter-Strike 1.6\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\\Program Files\\Java\\jre7\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre7\\bin\\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"="C:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe:*:Enabled:Instaltor AVG"
"C:\\Documents and Settings\\Petrkovi\\Local Settings\\Temp\\Adobe Reader X.exe"="C:\\Documents and Settings\\Petrkovi\\Local Settings\\Temp\\Adobe Reader X.exe:*:Enabled:Adobe Reader X.exe"
"C:\\Program Files\\AVG\\AVG2014\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG2014\\avgnsx.exe:*:Enabled:Webov tt"
"C:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe"="C:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014"
"C:\\Program Files\\AVG\\AVG2014\\avgemcx.exe"="C:\\Program Files\\AVG\\AVG2014\\avgemcx.exe:*:Enabled:Obecn kontrola poty"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Please check my log

Posted: 12 Nov 2013 19:40
by vyosek
Hello :)

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch, the license terms are displayed; press any key
  • A backup will be created, followed by a search
  • The scan will run and then a log will appear; it may also be saved in c:\JRT as JRT.txt. Paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart and then a log will appear; it may also be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt. Paste it here

Please check my log

Posted: 12 Nov 2013 19:47
by Zdenek26
Log from Junkware Removal Tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Petr kovi on Łt 12.11.2013 at 19:42:39,22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{415419C3-DAD0-4DF1-AC37-22C72AD81878}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{415419C3-DAD0-4DF1-AC37-22C72AD81878}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\qvo6software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT1060933
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT1750559
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2475029
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\ask.com"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 12.11.2013 at 19:46:25,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Please check my log

Posted: 12 Nov 2013 19:54
by Zdenek26
Log from AdwCleaner

# AdwCleaner v3.012 - Report created 12/11/2013 at 19:49:30
# Updated 11/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Petrákovi - PETR-B7099E6E73
# Running from : C:\Documents and Settings\Petrákovi\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\eSafe
Folder Deleted : C:\Program Files\BS Player

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Documents and Settings\Petrákovi\Nabídka Start\Programy\Příslušenství\Systémové nástroje\Internet Explorer (bez doplňků).lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\MyPC Backup
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\5de8dd9b13fe942
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{092EF8A0-77FD-4DAC-B3AF-60A871A0E5E4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AC97107-A613-47E5-BC1E-1CAE751C0D7A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\BS_Player
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\BS_Player
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v25.0 (cs)

[ File : C:\Documents and Settings\Petrákovi\Data aplikací\Mozilla\Firefox\Profiles\sn41vgff.default\prefs.js ]


-\\ Google Chrome v31.0.1650.48

[ File : C:\Documents and Settings\Petrákovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4248 octets] - [12/11/2013 19:48:57]
AdwCleaner[S0].txt - [4108 octets] - [12/11/2013 19:49:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4168 octets] ##########

Re: Please check my log

Posted: 12 Nov 2013 20:02
by vyosek
:arrow: So the initial cleanup of junk is behind us, let's move on to the treatment...

:arrow: Download RKill http://download.bleepingcomputer.com/grinler/rkill.com PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A GREAT ABILITY TO DELETE AND MUST BE USED ONLY ON RECOMMENDATION, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download Combofix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator (Spravce) account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator (Spustit jako spravce)
  • Immediately after start, a page with the license agreement is displayed; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not launch any applications and do not click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily cluttered, the time may be longer
  • After the scan finishes and a possible restart, CF will display a log; you can also find it at C:\ComboFix.txt. Paste its contents here
  • A detailed procedure incl. pictures is here http://www.bleepingcomputer.com/combofi ... t-combofix

Please check my log

Posted: 12 Nov 2013 20:07
by Zdenek26
rkill

Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/12/2013 08:04:51 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

* Reparse Point/Junctions Found (Most likely legitimate)!

* C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* C:\WINDOWS\System32\sfcfiles.dll : 1 571 840 : 10/19/2008 11:15 AM : 8a4209f4c57f1789974fe5d8dcfc25bb [NoSig]

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 11/12/2013 08:05:30 PM
Execution time: 0 hours(s), 0 minute(s), and 39 seconds(s)

Re: Please check my log

Posted: 12 Nov 2013 20:09
by vyosek
Continue with ComboFix...

Please check my log

Posted: 12 Nov 2013 20:19
by Zdenek26
Log from Combofix

ComboFix 13-11-11.01 - Petrákovi 12.11.2013 20:13:46.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1406 [GMT 1:00]
Spuštěný z: c:\documents and settings\Petrßkovi\Plocha\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-12 do 2013-11-12 )))))))))))))))))))))))))))))))
.
.
2013-11-12 18:48 . 2013-11-12 18:49 -------- d-----w- C:\AdwCleaner
2013-11-12 18:43 . 2013-11-12 18:43 -------- d-----w- c:\documents and settings\Petrákovi\Data aplikací\Happy Foto
2013-11-12 18:42 . 2013-11-12 18:42 -------- d-----w- c:\windows\ERUNT
2013-11-12 18:19 . 2013-11-12 18:19 -------- d-----w- c:\documents and settings\Petrákovi\Data aplikací\Dream Aquarium
2013-11-12 18:05 . 2013-11-12 18:05 -------- d-----w- c:\documents and settings\Petrákovi\Data aplikací\AVG2014
2013-11-12 17:54 . 2013-11-12 17:54 -------- d-----w- c:\documents and settings\Petrákovi\Data aplikací\ACD Systems
2013-11-12 17:46 . 2013-11-12 17:46 -------- d-sh--w- c:\documents and settings\Petrákovi\IECompatCache
2013-11-12 17:33 . 2013-11-12 17:33 -------- d-----w- c:\documents and settings\Petrákovi\Local Settings\Data aplikací\GHISLER
2013-11-12 17:29 . 2013-11-12 19:10 -------- d-----w- c:\documents and settings\Petrákovi\Dokumenty
2013-11-12 17:19 . 2013-11-12 17:41 -------- d-----w- c:\documents and settings\Zdenek
2013-11-12 17:14 . 2013-11-12 17:14 -------- d-----w- C:\FRST
2013-11-11 16:28 . 2013-11-11 16:28 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-11-10 13:26 . 2013-11-10 13:26 -------- d-----w- c:\program files\Dream Aquarium
2013-11-10 13:03 . 1999-12-17 08:13 86016 ----a-r- c:\windows\unvise32.exe
2013-11-03 19:34 . 2013-03-17 16:21 3649536 ----a-w- c:\windows\system32\x264vfw.dll
2013-11-03 19:34 . 2012-07-21 10:54 122880 ----a-w- c:\windows\system32\ac3acm.acm
2013-11-03 19:34 . 2011-12-07 17:32 216064 ----a-w- c:\windows\system32\lagarith.dll
2013-11-03 19:34 . 2011-06-24 14:44 243200 ----a-w- c:\windows\system32\xvidvfw.dll
2013-11-03 19:34 . 2011-06-24 14:28 650752 ----a-w- c:\windows\system32\xvidcore.dll
2013-11-03 19:34 . 2008-09-24 18:41 839680 ----a-w- c:\windows\system32\lameACM.acm
2013-11-03 19:34 . 2013-08-22 17:09 217176 ----a-w- c:\windows\system32\unrar.dll
2013-11-03 19:34 . 2013-09-12 18:00 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2013-11-03 19:34 . 2013-11-03 19:34 -------- d-----w- c:\program files\K-Lite Codec Pack
2013-10-26 12:16 . 2013-10-26 12:16 -------- d-----w- c:\program files\Solitaire XP
2013-10-26 12:16 . 2013-10-26 12:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TEMP
2013-10-23 18:19 . 2013-10-23 18:19 -------- d-----w- c:\program files\PSPad editor
2013-10-16 14:56 . 2013-10-08 05:29 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-10-16 14:56 . 2013-10-08 05:50 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-09 14:58 . 2012-03-29 16:58 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-09 14:58 . 2011-06-30 17:56 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 14:58 . 2013-10-09 14:58 17226632 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-10-02 09:17 . 2013-10-04 11:40 120800 ----a-w- c:\windows\system32\drivers\idmtdi.sys
2013-09-25 18:57 . 2013-08-01 14:06 120632 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2013-09-23 18:25 . 2008-04-14 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:25 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-09-23 18:25 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:25 . 2008-04-14 12:00 18944 ------w- c:\windows\system32\corpol.dll
2013-09-23 18:06 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2013-09-10 20:11 . 2013-03-01 08:32 22840 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2013-09-08 20:12 . 2013-07-09 23:32 27448 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-09-02 08:39 . 2013-07-19 23:50 176952 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-09-02 08:28 . 2013-07-19 23:50 145720 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-09-02 08:28 . 2013-07-19 23:50 209208 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-09-02 08:28 . 2013-07-19 23:51 223032 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-08-29 07:01 . 2008-04-14 12:00 1878656 ----a-w- c:\windows\system32\win32k.sys
2013-08-20 20:54 . 2013-06-30 23:45 102200 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-10-19 . 8A4209F4C57F1789974FE5D8DCFC25BB . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-11-15 23:07 21904 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-01-15 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2013-10-07 4908592]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-01-20 16744256]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2014\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-06-16 05:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-16 15:15 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2012-01-20 07:01 16744256 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2012-01-20 07:01 203072 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2007-02-04 11:02 79400 ----a-w- c:\program files\ScanSoft\OmniPageSE4\OpWareSE4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\FlatOut2\\FlatOut2.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgemcx.exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [20.7.2013 0:50 145720]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [20.7.2013 0:51 223032]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [10.7.2013 0:32 27448]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [1.8.2013 15:06 120632]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [20.7.2013 0:50 209208]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [1.3.2013 9:32 22840]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [20.7.2013 0:50 176952]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [21.3.2013 2:08 193848]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 17:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 22:55 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [19.7.2011 1:02 116608]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [25.9.2013 20:47 301152]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [3.10.2013 21:00 3538480]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [9.10.2013 9:58 3275136]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [25.7.2013 7:52 162672]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\ViakaraokeSrv.exe [25.1.2013 16:28 27760]
S3 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [4.10.2013 12:40 120800]
S3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys --> c:\windows\system32\drivers\massfilter.sys [?]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [25.1.2013 16:28 1806448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-12 17:54 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.48\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 14:58]
.
2013-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 09:26]
.
2013-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 09:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
TCP: DhcpNameServer = 192.168.100.254
FF - ProfilePath - c:\documents and settings\Petrákovi\Data aplikací\Mozilla\Firefox\Profiles\sn41vgff.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - ExtSQL: 2013-11-06 18:02; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{41545534-2D56-3700-76A7-7A786E7484D7} - (no file)
MSConfigStartUp-CmPCIaudio - CMICNFG3.cpl
MSConfigStartUp-msxawuxSrv - c:\windows\inf\msxawux.vbe
MSConfigStartUp-NtVdmSrv - c:\windows\inf\ntvdm.vbe
MSConfigStartUp-seznam-listicka-distribuce - c:\program files\Seznam.cz\distribution\szninstall.exe
MSConfigStartUp-SpeedUpMyComputer - c:\program files\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe
MSConfigStartUp-vShare - c:\program files\vShare\vShare.exe
AddRemove-Arabian nights - c:\windows\system32\_setup
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-12 20:17
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1214440339-616249376-1801674531-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2732)
c:\program files\Internet Download Manager\IDMShellExt.dll
c:\program files\Internet Download Manager\IDMNetMon.DLL
c:\windows\system32\webcheck.dll
.
Celkový čas: 2013-11-12 20:18:10
ComboFix-quarantined-files.txt 2013-11-12 19:18
.
Před spuštěním: Volných bajtů: 235 324 403 712
Po spuštění: Volných bajtů: 236 503 195 648
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 07F913F94A8F66D003BC73D9F1595A92
413FC2A0C716421B3158746D63736515

Re: Please check my log

Posted: 13 Nov 2013 06:17
by vyosek
:arrow: If you haven't already, move Combofix directly to drive c:\
  • Start Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    RegNull::
    [HKEY_USERS\S-1-5-21-1214440339-616249376-1801674531-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    
    RegLock::
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    
    File::
    c:\windows\Tasks\Adobe Flash Player Updater.job
    c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    
    Registry::
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000000
    "FirewallOverride"=dword:00000000
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"=-
    "GrooveMonitor"=-
    "RemoteControl"=-
    "SunJavaUpdateSched"=-
    
    ClearJavaCache::
    
    Reboot::
  • Save the resulting TXT file as CFScript.txt, also directly on c:\
  • Drag the CFScript.txt you created onto Combofix and drop it (see the image below)
    Image
  • After the script has been applied (and after a restart, if there is one), a log will pop up; paste its contents here
:arrow: If the message "Illegal operation attempted on a registry key that has been marked for deletion" pops up, just restart the PC - the registry will sort itself out - this is an internal error caused by CF, and the author unfortunately cannot fix it yet

:arrow: It can happen that Windows will not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

Please check my log

Posted: 13 Nov 2013 17:48
by Zdenek26
Explorer / My Computer doesn't work for me, so I don't know how to do it.
Could I save it to the desktop, for example?

Re: Please check my log

Posted: 14 Nov 2013 08:22
by vyosek
:arrow: I want to avoid the desktop, because your account name, and therefore the path to the desktop, contains diacritics. We'll go about it another way.

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator or Spustit jako spravce
  • Paste the script below into the lower box, Custom Scans/Fixes
  • Code:

    :reg
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000000
    "FirewallOverride"=dword:00000000
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"=-
    "GrooveMonitor"=-
    "RemoteControl"=-
    "SunJavaUpdateSched"=-
    
    :files
    c:\windows\Tasks\Adobe Flash Player Updater.job
    c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
  • Then click Run Fix (Opravit)
  • The PC will carry out the fix, restart and give you a log; paste its contents here

Please check my log

Posted: 14 Nov 2013 17:22
by Zdenek26
Log from OTL

All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate\ deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\security center\\"AntiVirusOverride"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\software\microsoft\security center\\"FirewallOverride"|dword:00000000 /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\RemoteControl deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Petr_kovi

User: Petr kovi

User: Petrákovi
->Temp folder emptied: 283433 bytes
->Temporary Internet Files folder emptied: 18390275 bytes
->FireFox cache emptied: 352355298 bytes
->Google Chrome cache emptied: 376744936 bytes
->Flash cache emptied: 602 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Zdenek
->Google Chrome cache emptied: 393645995 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 256504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 194 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 3430055 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 092,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: Guest

User: LocalService

User: NetworkService

User: Petr_kovi

User: Petr kovi

User: Petrákovi
->Flash cache emptied: 0 bytes

User: UpdatusUser

User: Zdenek

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: Guest

User: LocalService

User: NetworkService

User: Petr_kovi

User: Petr kovi

User: Petrákovi

User: UpdatusUser

User: Zdenek

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11142013_171444

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Please check my log

Posted: 15 Nov 2013 10:14
by vyosek
Now let's clean up :James008:

:arrow: Uninstall Combofix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes Combofix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix selected issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that's all from me :|

Please check my log

Posted: 15 Nov 2013 17:27
by Zdenek26
My Computer still won't open, and when the PC is switched on it asks me how I want to start it.

Re: Please check my log

Posted: 15 Nov 2013 18:01
by vyosek
Does any error message appear when you try to open My Computer??

What options does it give you to choose from when the PC starts??